How to remove warnings downloading an EXE in a browser and how to prevent SmartScreen warning in Windows8?

Question

PROBLEM 1

I have an application made in delphi with Embarcadero RAD XE6.

When I upload the executable to my website and downloaded from Chrome I get the following warning and blocking the automatic download...

File is not commonly downloaded and could be dangerous.

PROBLEM 2

I downloaded the application and when I run the exe (Windows8) Smartscreen launches with the following warning:

Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

SOLUTIONS?

I read about it but I'm not sure.

First problem (browser).

• In some sites recommend add the page to Google Webmaster Tools and wait several days to be analyzed.
• Elsewhere indicate edit the server configuration, IIS in my case, I consider mime options are set correctly.

Second problem (OS, especially W8)

All indications are that I need 2 things. Integrity and reputation. That is, I get a digital certificate to sign the executable. In addition I also need the file is downloaded several times to be considered safe (although there are more expensive certificates that promise to save the time of discharge from the start).

My doubts

• How have you solved these problems?

• Does the digital certificate (obtained in Goodaddy, codesigning, InstantSSL, GlobalSign ..) is applied to the server or executable from RAD XE6?

• Does the digital certificate corrects both problems?

Sources:

• http://blogs.msdn.com/b/ieinternals/archive/2011/03/22/authenticode-code-signing-for-developers-for-file-downloads-building-smartscreen-application-reputation.aspx

• EV Code Signing certificate or Code Signing Certificates for Microsoft Authenticode

• Getting around Chrome's Malicious File Warning

• http://www.rohitab.com/discuss/topic/40885-file-is-not-commonly-downloaded-and-could-be-dangerous/

Answer 1

The easiest way to avoid these warnings is to put your executable into an archive (ZIP or RAR archive).

You see the main reason why this warning is raised becouse the executable file that you are trying to downoad still hasn't been downloaded, tested and verified by special testing labs that both Google and Microsoft have.

Now if your server serves the file on demmand or if the file can only be downloaded during the active web sesion the file will probably never be tested as it won't be downloaded by the testing labs.